Some powerful options of Linux Dig command to Query DNS

February 26, 2014 | By
| Reply More

As Internet grows, people are getting hard to remember IP Addresses as a unique identity for computers. Then Domain Name System (DNS) concept came. DNS will map an IP Addresses into names. Names are easier to remember. The implementation of DNS then spread globally. Offices also using DNS to map their local IP Addresses for internal use. For system administrator who build DNS, he/she will need a tool to test it before it launch. One of a useful tool is dig command in Linux.

What is dig

Dig is a short from Domain Information Groper. It perform DNS lookups and displays the answers that are returned from the name server(s) that were queried.This tool is an alternative DNS lookup tool, nslookup. Unless it is told to query a specific name server, dig will try each of the servers listed in /etc/resolv.conf

How to use dig

Run dig without any options

Without any options, dig will do a NS query for “.” (the root).
Here’s a sample output.

$ dig

; <> DiG 9.9.2-P1 <> linux.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21655
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;linux.com. IN A

;; ANSWER SECTION:
linux.com. 1786 IN A 140.211.167.51
linux.com. 1786 IN A 140.211.167.50

;; AUTHORITY SECTION:
linux.com. 86386 IN NS ns1.linux-foundation.org.
linux.com. 86386 IN NS ns2.linux-foundation.org.

;; ADDITIONAL SECTION:
ns1.linux-foundation.org. 261 IN A 140.211.169.10
ns2.linux-foundation.org. 262 IN A 140.211.169.11

;; Query time: 258 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Sat Feb 8 21:35:35 2014
;; MSG SIZE rcvd: 158

Now we will read the output :

; <> DiG 9.9.2-P1 <> linux.com
;; global options: +cmd

This section tell us about dig itself. We know the dig version that we used is 9.9.2 and the global option we used is +cmd.

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21655
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 3

This section will tell us about the technical answer from the DNS.

;; QUESTION SECTION:
;linux.com. IN A

This section is tell us about what query we asked to dig

.;; ANSWER SECTION:
linux.com. 1786 IN A 140.211.167.51
linux.com. 1786 IN A 140.211.167.50

This section tell us about the answer of the query that we did. Linux.com has two addresses. The IP 140.211.167.51 and 140.211.167.50.

;; AUTHORITY SECTION:
linux.com. 86386 IN NS ns1.linux-foundation.org.
linux.com. 86386 IN NS ns2.linux-foundation.org.

This section tell us about which DNS (or who) that have authority to answer the question of “what is the IP Address of Linux.com?”

;; ADDITIONAL SECTION:
ns1.linux-foundation.org. 261 IN A 140.211.169.10
ns2.linux-foundation.org. 262 IN A 140.211.169.11

This section tell us about the IP Address of the authority DNS above. We can disable this information by +[no]additional option.

;; Query time: 258 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Sat Feb 8 21:35:35 2014
;; MSG SIZE rcvd: 158

This section tell us about some statistic information. We can disable this information by using +[‘no]stats option.

Most common query

Dig manual pages will show you many valid queries. But in practical term, there are 5 common queries.

Query the NS of linux.com

NS is short for Name Server. This will show you the name of the server who responsible for linux.com domain

$ dig linux.com NS

Dig

Query the MX of linux.com

MX is short from Mail Exchanger. Querying MX will show you the name of SMTP of linux.com

$ dig linux.com MX

Dig query MX record

Query the Address of linux.com

To show the IP Address of the linux.com, we can use A keyword. A is a short for Address

$ dig linux.com A

Dig query A record

Query TXT of linux.com

TXT is a text annotation.

$ dig linux.com TXT

Dig query TXT record

Query everything

If you are unsure about what you are looking for, you can ANY keyword.

Dig query ANY record

Using query options

When running a query, dig provide options to customize the output. Here’s some popular cases in daily basis.

Display only the answer of the query

$ dig linux.com +noall +answer

Answer only

Display the answer and the question

$ dig ubuntu.com MX +noall +answer +question

Display Question and Answer

Display in short mode

This option will used if you want a quick answer

$ dig linux.com +short

Short answer

Display only the answer an the authority

To do this we can combine these options :

$ dig ubuntu.com MX +noall +answer +authority

Display Answer and Authority records

Display multiline queries

This +multiline option will show you records like the SOA records in a verbose multi-line format with human-readble comments. Here’s a sample of it.

$ dig ibm.com +multiline +noall +answer

Display multiline

Do a reverse lookup

Dig is not only for querying a name into an IP Address. Dig can do reverse lookup which querying the IP Address into a name. To do this, use -x option.

$ dig -x 140.211.167.51 +noall +answer

Reverse query

The output shows us that the IP 140.211.167.51 is belong to load2d.linux-foundation.org

Use spesific DNS to do the query

By default, dig will use DNS servers that defined in your /etc/resolv.conf
If you want to use another DNS server to perform your query, you can use @name_of_DNS_server keyword. Here's a sample.

$ dig @ns2.google.com gmail.com +nostat

Query using specific DNS

Do bulk lookups

To do this, we can do it in 2 ways. First, is using command line.

$ dig linux.com +noall +answer ubuntu.com +noall +answer

Bulk query using command line

Second, we can put the the hostnames or domains into a text file. Then use -f option to include the file.

$ dig -f hostnames.txt +noall +answer

Bulk query using text file

The hostnames.txt file is contains this lines :

linux.com
ubuntu.com

If a blank line were exist after ubuntu.com, then dig will query the NS for the “.” (root) also.

Conclusion

Dig is one of the tool available in the Linux operating system for interrogating DNS servers. With dig flexibility, administrators can use it to custom the dig output. As usual we can always type man dig or dig -h to explore more detail about dig command.

Filed Under : HOWTOS, LINUX COMMANDS

Free Linux Ebook to Download

Leave a Reply

Commenting Policy:
Promotion of your products ? Comment gets deleted.
All comments are subject to moderation.